Chapter 1 Flashcards
Keeping data, software, and hardware secure against unauthorized access, use, disclosure, disruption, modification, or destruction.
Information Security
The requirements that are set forth by laws and industry regulations
Compliance
C.I.A.
Confidentiality
Integrity
Availability
Allowing only those authorized to access the data requested
Confidentiality
Keeping data unaltered by accidental or malicious intent
Integrity
The ability to access data when needed
Availability
The physical disposition of the media on which the data is stored
Possession/Control
Allows you to say whether you’ve attributed the data in question to the proper owner or creator
Authenticity
How useful the data is
Utility
Attacks that allow unauthorized users to access your data, applications, or environments, and are primarily an attack against confidentiality
Interception
Attacks that cause our assets to become unusable or unavailable for our use, on a temporary or permanent basis.
Interruption
Attacks that involve tampering with assets.
Modification
Attacks that involve generating data, processes, communications, or other similar activities with a system.
Fabrication
The likelihood that an event will occur
Risk
Events that could cause damage to assets
Threats
A weakness that a threat event or the threat agent can take advantage of
Vulnerabilities
An additional step that takes into account the value of the asset being threatened
Impact
Protecting the physical environment in which your system sits, or where your data is stored.
Physical Control
Protects the systems, networks, and environments that process, transmit, and store your data
Technical/Logical Control
Dictate how users of your environment should behave and are based on rules, laws, policies, procedures and guidelines
Administrative Control
A model that adds three more principles to the CIA triad.
Parkerian Hexad
Three principles added to the C.I.A. by the Parkerian Hexad
Possession/Control
Utility
Authenticity
Forecasting and evaluation of financial risks together with the identification of procedures to avoid or minimize their impact.
Risk Management
Risk Management Processes
Identify Assets
Identify Threats
Assess Vulnerability
Assess Risks
Mitigate Risks
Identifying and categorizing the assets that we are protecting
Identify Assets
Identify and categorize the threats that affect the assets. (Once the critical assets have been found)
Identify Threats
Any given asset may have thousands or millions of threats that could impact it. It is important to ___________ _____________ in the form of potential threats.
Assess Vulnerabilities
We ______ ________ once we have identified the threats and vulnerabilities for a given asset.
Assess Risks
Putting measures in place to help ensure that a given type of threat is accounted for.
Mitigate Risks
Measures used to alleviate risk
Control
Controls are divided into three categories
Physical
Logical
Administrative
When risk management practices have failed and have caused an inconvenience to a disastrous event, you follow through with _____________
Incident Response
Incident Response Cycle steps
Preparation
Detection and Analysis
Containment
Eradication
Recovery
Post Incident Activity
Consists of all the activities you can perform ahead of time to better handle an incident
Preparation
This is where the action begins. You detect an issue, decide whether it’s actually an incident, and respond to it appropriately.
Detection and Analysis
Taking steps to ensure that the situation does not cause any more damage than it already has, or to at least lessen any ongoing harm
Containment
The attempt to remove the effects of an issue from our environment
Eradication
Restoring devices or data from backup media, rebuilding systems, or reloading applications. Going back to a certain state you were in prior to the incident
Recovery
When we attempt to determine specifically what happened, why it happened, and what we can do to keep it from happening again
Post-Incident Activity
Latin for after death
post-mortem